New Windows Ransomware Warning—$5,000 Buys A $500,000 Attack

Initial VanHelsing Ransomware Attacks Target Windows, At A Price

Although only launched on March 7, the VanHelsing ransomware-as-a-service (RaaS) platform has made a significant impact already. The threat actors behind VanHelsing have seen three enterprise victims fall victim in just two weeks. While that might seem like small numbers, it’s still a concerning development, especially considering the rapid expansion of the threat.

More Than Just Windows In The Crosshairs Of This New $500,000 Ransomware Threat

Check Point Research, a threat intelligence expert, has warned that while the initial successful attacks have been against Windows systems, VanHelsing is actually multi-platform and can also infect Linux, BSD, ARM, and ESXi systems. This multi-platform support broadens the reach of the ransomware, enabling it to target a wide variety of systems.

How VanHelsing Ransomware Works

According to Check Point, VanHelsing opened its doors to "reputable" affiliates, although the use of this term in these circumstances is questionable. To gain access to the platform, affiliates must pay a deposit of $5,000. After two blockchain confirmations of the victim’s ransom payment, the affiliates receive 80% of the revenue, while the remaining 20% is paid to the RaaS operators. For their money, the attackers are provided with a control panel and cross-platform locker to manage their attacks.

Conclusion

The emergence of VanHelsing ransomware is a concerning development, and enterprises must take immediate action to protect themselves. With its rapid expansion and multi-platform support, VanHelsing has the potential to cause significant damage. It’s essential to have robust cybersecurity measures in place to combat such sophisticated attacks.

Frequently Asked Questions

Q: What is VanHelsing ransomware?
A: VanHelsing is a ransomware-as-a-service (RaaS) platform that has been launched on March 7.

Q: Who is behind VanHelsing?
A: The threat actors behind VanHelsing are believed to be Russian cybercriminals.

Q: How does VanHelsing work?
A: VanHelsing is a multi-platform ransomware that can infect a wide variety of systems, including Windows, Linux, BSD, ARM, and ESXi. It operates by encrypting files and demanding a ransom in exchange for the decryption key.

Q: How much does it cost to join VanHelsing?
A: Affiliates must pay a deposit of $5,000 to gain access to the platform.

Q: How does VanHelsing make money?
A: After two blockchain confirmations of the victim’s ransom payment, the affiliates receive 80% of the revenue, while the remaining 20% is paid to the RaaS operators.